Bench TalkBench Talk for Design Engineers | The Official Blog of Mouser Electronicshttps://www.mouser.com/blogHow IoT System Design Makes a Differencehttps://www.mouser.com/blog/how-iot-system-design-makes-a-differenceAll,Automation,Automotive,Computing,Industrial,IoTSat, 09 May 2020 04:21:10 GMT<p><img alt="" src="/blog/Portals/11/Bhattacharjee_Designing%20Security%20for%20IoT%20Systems_Theme%20Image.jpg" style="width: 600px; height: 341px;" title="" /></p>
<p style="font-size:10px;"><em><small>(Source: metamorworks/Shutterstock.com)</small></em></p>
<p>According to multiple market research reports, Internet of Things security is a top concern for both industrial and individual consumers. Secure design without driving up price is a delicate balancing act for system designers. Add to that the organizational pressures to accelerate time-to-market.</p>
<p>In the case of IoT products, an additional challenge is the lack of integrated security standards and certification guidelines. Nevertheless, in IoT markets, secure design is no longer only a design imperative but also a competitive differentiator.</p>
<p>The cyber-physical attributes of IoT products <a href="https://www.mouser.com/blog/securing-iot-products-from-unique-threats">expose them to new types of threats</a> unseen in traditional computing systems. Successful exploits of these threats directly affect not just the product lifecycle but also its market longevity. In the following, we&rsquo;ll take a look at a full-stack approach to integrate secure design in a way that reduces both complexity and implementation costs.</p>
<div>
<h2>Security Begins with Silicon</h2>
</div>
<p>Because of direct exposure to physical environments, IoT systems are vulnerable to many complex attack scenarios. Software-based security alone cannot safeguard against these threats. A hardware-based, tamper-resistant trust-model has been demonstrated to outperform software in many attack scenarios. By establishing the root-of-trust in silicon and by storing secrets in hardware vaults can significantly harden the system. Hardware-based security offers power-efficiency. The complexity of firmware updates can be reduced by using IoT-specific security solutions.</p>
<p>Infineon&rsquo;s OPTIGA Trust family, for example, offers many turnkey trust solutions at the silicon layer. <a href="https://www.mouser.com/new/infineon/infineon-optiga-trust-x-security/">OPTIGA&trade; Trust X (SLS 32AIA)</a> is a high-end security controller that can be integrated into products across a wide range of industrial automation, consumer, and smart city use cases.</p>
<p>Crypto-accelerators help to embed cryptographic capabilities within small form factors. Hardware security modules (HSMs) and Trusted Platform Module (TPMs) (defined in International Organization for Standardization &nbsp;and Trusted Computing Group standards) can be used for strong tamper resistance, cryptographic key storage, and key generation using hardware random number generators (RNGs), strong authentication, boot integrity protection, and firmware integrity measurements.</p>
<div>
<h2>Secure Boot Process and Device Identity</h2>
</div>
<p>Because IoT devices might not be rebooted for long intervals, it is important to ensure boot process integrity through measurement and validation. This prevents a compromised device from exchanging data. Measured boot, verified boot, and secured boot are three options to ensure device integrity during boot. A range of security ICs is available to reduce the complexity of boot protection and that of managing the integrity metrics.</p>
<p>Once booted, the device needs to authenticate itself using identity credentials. For machine-to-machine scenarios, authentication keys and certificates are more suitable than passwords. In addition to device-level Identity and Access Management, it is also important to authenticate and control access for hardware elements, firmware, application programming interface (API) calls, etc. by adhering to the principles of separation of duty, least privilege, and role-based permissions. TPMs allow the secured authentication of devices and systems looking to connect to clouds, servers, and other devices.</p>
<p>Securing the software and firmware updates is also crucial for connected systems to prevent malicious code in the system that could lead to dire consequences. Digital signature verification and hashing are two common mechanisms to secure firmware updates.</p>
<div>
<h2>Securing Communication</h2>
</div>
<p>In M2M and machine-to-cloud communications, embedded systems need to communicate over heterogeneous networks involving various standard and proprietary protocols. To protect against eavesdropping, message tampering, etc., VPNs, encrypted tunnels can be used. Resourced-constrained systems with small-footprint (sensors, actuators) can rely on gateways for secure communication.&nbsp; Third-party security ICs can be used to store keys, certificates used in the communication protocols and cryptographic operations.</p>
<div>
<h2>Protection of Data Integrity</h2>
</div>
<p>Data integrity is a critical part of product design because compromised data can sabotage the entire IoT ecosystem. Data includes device-generated raw data, secrets, libraries, binary executable, configuration and log files, etc. These can be classified as:<br />
&nbsp;</p>
<ul>
<li>Stored data &ndash; Data-at-Rest (DAR)</li>
<li>Runtime data &ndash; Data-in-Use (DIU)</li>
<li>Sent/Received Data &ndash; Data-in-Motion (DIM)<br />
&nbsp;</li>
</ul>
<p>Traditionally, checksum is used to validate data integrity, but the IoT threat landscape requires more advanced integrity controls. Cryptographic signatures can attest to data integrity at any point in the workflow. Hardware trust root or TPM is usually used for the signing. The signing key can also be securely stored there. Some of the common data integrity measures are shown in <strong>Table 1</strong>.</p>
<p><em><small><strong>Table 1:</strong> Common Data Integrity Measures (Source: Practical Industrial Internet of Things)</small></em></p>
<table border="1" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="width:78px;">
<p style="text-align: center;">DAR</p>
</td>
<td style="width:545px;">
<p>Symmetric key encryption using software-enabled stores, secure storage of secrets/keys in hardware/Trusted Platform Module.</p>
</td>
</tr>
<tr>
<td style="width:78px;">
<p style="text-align: center;">DIU</p>
</td>
<td style="width:545px;">
<p>Policy-based blacklisting or whitelisting of files; control memory rights access to protect memory regions from unauthorized access; and runtime process integrity attestation, secure coding, buffer overflow protection, input/output checks.&nbsp;</p>
</td>
</tr>
<tr>
<td style="width:78px;">
<p style="text-align: center;">DIM</p>
</td>
<td style="width:545px;">
<p>Integrity using signed message digests, session key-based encryption, digital certificates.</p>
</td>
</tr>
</tbody>
</table>
<p><em><small><strong>Figure 1</strong>: Stack of various levels of security (Source: Practical Industrial Internet of Things)</small></em></p>
<div>
<h2>Leveraging IoT Security Platforms and Plug-ins</h2>
</div>
<p>For system developers, complying with a myriad cybersecurity standards is a major challenge in IoT design. IoT security platforms and products resulting from ecosystem partnerships among security vendors can ease the burden. These integrated security platforms provide robust hardware and software design and toolset that system designers can either replicate or customize to fit their application needs.&nbsp; &nbsp;</p>
<h2>Conclusion</h2>
<p>System designers face multiple technical and business challenges in designing adequate security for IoT systems. A full-stack approach for security should be considered to ensure that adequate security at every layer of the system has been considered such as hardware, boot process and firmware update integrity, communication, and data integrity. Designing security also needs to factor in use-case security requirements, as not every use-case or system requires the same level of security.</p>
14105G IoT Emerges as a Platform for AI and Roboticshttps://www.mouser.com/blog/5g-iot-emerges-platform-ai-roboticsAll,Industrial,IoT,SensorsSat, 25 Apr 2020 04:57:15 GMT<p><img alt="" src="/blog/Portals/11/Bhattacharjee_5G-IoT%20AI%20Robotics_Theme%20Image.jpg" style="width: 600px; height: 319px;" title="" /></p>
<p><em><small>(<strong>Source</strong>: Fit Ztudio/Shutterstock.com)</small></em></p>
<p>In the era of Internet of Things (IoT) connectivity, Artificial intelligence (AI)-powered robotics is rising to new heights of our technological ambitions. Improved cognition capability, real-time decision-making, and smarter motor-actions have positioned robotics for higher-precision and mission-critical use cases&ndash;whether it is on a congested road, factory floor, or during a complex medical procedure.</p>
<p>One thing this new generation of AI/robotics applications share in common is they generate huge amounts of data that need to be reliably crunched and transported with near-zero delay (latency). The efficacy of these applications heavily relies on seamless roaming, thus requiring wireless connectivity rather than wired links at the edge.</p>
<p>The fifth generation of 3GPP (5G) standards incorporates this neo-vision of AI-powered robotics. In addition to supporting higher speeds and more data capacity, 5G networks are designed to enable the ambitions of a new generation of robots that will change not just our factories and offices, but also our everyday lives.</p>
<div>
<h2><strong>Robotics, Hi-Speed Data Crunch, and 5G</strong></h2>
</div>
<p>The connection between 5G networks and robotics might not be all that obvious. Historically, robotics has mostly focused on advanced electronics and AI-software to improve motion dynamics, sensory functions, cognition, etc. But IoT has expanded the scope of AI and robotics from local to global scale.</p>
<p>High-speed wireless networks and cloud computing are the key enablers of these connected robotics applications.</p>
<p>In hospitals and factories, robots have been widely used to perform mundane functions such as moving things from one place to another, perform repetitive tasks such as parts assembly, locomotion, etc. Next-generation robots take this to a new level as they can perform sophisticated functions in telesurgery, where the doctors can orchestrate the surgery remotely (possibly from the other end of the planet) while the robots would perform the actual operation based on real-time command and control.</p>
<p>Autonomous vehicles, unmanned drones, gyrocopters, etc., are all newer applications of AI and robotics that rely on high-speed computing and communication to make accurate, reliable decisions in real-time.</p>
<p>The 5G standards are designed and have been aggressively tested worldwide as a key enabler to support these connected robotics applications that heavily rely on cloud computing. AI/robotics application design would need to tie in with public cloud platforms such as Azure, AWS, GCP, etc., which would also allow them to leverage cloud-based machine learning services.</p>
<p>In July 2019, cloud service provider Microsoft and networking giant AT&amp;T entered into a $2 billion (USD) multiyear alliance covering cloud, AI, and 5G. As 5G and cloud get more tightly meshed to power AI applications, cloud partnerships would become increasingly important for 5G service providers such as AT&amp;T and Verizon to offer cloud-based 5G services.</p>
<div>
<h2><strong>5G Infrastructure for Robotics</strong></h2>
</div>
<p>One of the biggest challenges for robotics development is latency. Latency is the time it takes to send data from the source point to its destination. In the case of robotics, sensor signals are transmitted to the cloud for advanced processing, based on which commands are generated. The robot takes action based on the commands it receives from the cloud. Unless the sensor outputs and computed commands can be sent and received fast enough, the robot&rsquo;s functionality is severely limited.</p>
<p>4G cannot offer the ultra-low latency needed by the next-gen mobile robotics applications. The latency in 4G networks is about 50ms (milliseconds). Besides, in addition to large amounts of data transport and processing, robotic systems are also sensitive to lost and erroneous data. Because of latency and instability concerns with previous generations of cellular technology, the only option to reliably transmit-receive vast amounts of data was to tether the robots with wired connectivity. 5G standards address these limitations head-on.</p>
<p>5G is the first 3GPP standard that promises to reduce latency to less than 1ms, offer nearly 10 times 4G bandwidth while maintaining compatibility with 4G. What this means is industries can still adopt 5G without having to worry about the longevity of their 4G networks.</p>
<p>Latency reduces as the source and destination points come closer. To offer ultra-low latency experience, 5G architectures would bring data processing closer to the &ldquo;edge&rdquo; (or the robot endpoints). Unlike 4G, where the endpoint communicates with only one cell tower, in 5G infrastructure endpoints simultaneously communicate with many towers and antennas for higher speeds and lower latency. This requires more towers and antennas and more data centers to process the data near the edge, in other words, data centers would need to geographically expand to support the 5G infrastructure.</p>
<p>AI-powered robots are also envisioned as the key enablers of smart, intelligent factories where industrial robots can autonomously carry out tasks or collaborate with humans (collaborative robots, or cobots) on tasks that require human intervention. Such smart factories involve a constant flow of information regarding the various processes in the manufacturing workflows. Current mobile networks are not designed for such bandwidth-intensive applications. In 5G, bandwidth can be divided into slices. These slices can run over a common network infrastructure. This would allow each aspect of the manufacturing process to utilize a different slice to reliably exchange sensory signals and robot instructions in real-time.&nbsp;</p>
<div>
<h2><strong>Final Thoughts</strong></h2>
</div>
<p>Ubiquitous AI/robotics applications such as telesurgery, autonomous vehicles, etc. are still at an early concept phase, and 5G is yet to be rolled out at a commercial scale worldwide. In the US, 5G commercialization is expected in 2020, and global commercialization by 2023. Although application reliability for remote robotics depends on 5G going mainstream, there are extensive alliances and partnerships between RF chipset manufacturers, cloud providers, system developers, and cellular service providers to design, develop, test, and harden 5G-enabled systems for the future.</p>
1401Energy Harvesting Is an Emerging IoT Enablerhttps://www.mouser.com/blog/energy-harvesting-emerging-iot-enablerAll,Energy Harvesting,IoT,SensorsFri, 24 Apr 2020 01:09:24 GMT<p><img alt="" src="/blog/Portals/11/Bhattacharjee_Energy%20Harvesting%20IoT%20Enabler_Theme%20Image.jpg" style="width: 600px; height: 227px;" title="" /></p>
<p><em><small>(Source: Franz Metelec/Shutterstock.com)</small></em></p>
<p>Internet of Things (IoT) power design is always a challenge. Since IoT devices are mostly deployed in remote locations, frequent battery replacement is not always practical. Designers have to find alternate ways to power them portably. Minimizing power consumption is usually the Holy Grail; however, comes by trading off features, connectivity, range, and even built-in security capabilities (such as cryptography).</p>
<p>In spite of low power connectivity options (such as LoRa, LPWAN), energy-efficient circuits, and improvements in battery design, devices mostly exceed battery life. What if instead of solely relying on a static power source, IoT devices can dynamically generate power? Energy harvesting is a promising option on the horizon to enable just that.</p>
<div>
<h2>Exploring Energy Harvesting for IoT</h2>
</div>
<p>The number of IoT sensors and devices deployed in remote locations can easily scale to thousands. Frequent truck rolls to replace batteries not only affect profit margins and the return-on-investment curve, but it also runs the risk of losing data.</p>
<p>The capability to siphon energy from surroundings is highly valued in IoT use cases. Harvesting energy from environmental sources such as sunlight, motion, ambient RF, heat, wind, vibration, etc., is not an entirely new concept. But the growing demand for power-efficient, safe, and durable systems that require minimum to no maintenance is driving its demand.</p>
<p>According to IDTechEx research, the energy harvesting market size is set to grow from $400 million in 2017 to $2.6 billion (USD) in 2024. The growing adoption of IoT and wireless sensor networks ties to these forecasts.</p>
<p>Energy harvesting involves transducers to convert energy from ambient sources into electricity to power the electronics. Depending on energy sources, transducer technology could be piezoelectric, thermoelectric, electromagnetic, photovoltaic, radiofrequency, etc.&nbsp;&nbsp;&nbsp;&nbsp;</p>
<p>Currently, photovoltaic cells are commonly used to power toys, gadgets, and even home appliances by converting solar energy into electricity. In the case of RFID, strong local signals aimed directly at the sensor are rectified. Powercast&rsquo;s <a href="https://www.mouser.com/new/powercast/powercast-Px110-powerharvester/" target="_blank">P2110 RF Powerharvester</a> is another example that converts low-frequency RF signals into DC electricity (5.25V, up to 50mA). P2110 can be used to design battery-free wireless sensor nodes that can operate with very low RF input (-11.5dBm) in various industrial applications such as smart grids, building automation, military, agriculture, etc.</p>
<div>
<h2>Promises and Challenges of Energy Harvesting for IoT</h2>
</div>
<p>Energy-harvesting&rsquo;s biggest promise is to prolong IoT battery life if not completely dispense it. Technologies to harvest energy have come a long way over the last decade. Yet, cost and complexity barriers to install and integrate are still there and must be carefully considered. It should be reasonable when compared to the overall IoT solution. &nbsp;</p>
<p>Another consideration is the differential of power usage in machine-to-machine (M2M) communications. An agricultural sensor, for example, might be sending/receiving data in bursts at various periods during the day. Other than that, it&rsquo;s mostly idle drawing very little power. Power consumption spikes up when bursts of data are sent. The energy harvester needs to handle M2M energy burst requirements in terms of peak-load current (amps) and operating voltage requirements (volts).</p>
<h3>Energy Harvesting for IoT Success Stories</h3>
<p>Although IoT energy harvesting technologies are still being incubated in labs worldwide, there are already some encouraging success stories.</p>
<h4>Rectenna: Wi-Fi energy harvesting by MIT researchers</h4>
<p>Rectenna is a device that uses a flexible antenna to capture AC electromagnetic waves (including the ubiquitous Wi-Fi signals) and converts those into DC electricity. The antenna connects to a two-dimensional semiconductor with the thickness of a few atoms. As the AC signal goes into the semiconductor, DC voltage is generated, which can be used to power electronic circuits, PMICs, or to recharge batteries.</p>
<p>When exposed to typical Wi-Fi power-levels (approximately 150&micro;W [microwatts]), during lab trials, the rectenna produced about 40&micro;W. The conversion rate is fairly good and the power is enough to drive a silicon chipset or to light up an LED.</p>
<h4>Solar-Wind Hybrid Harvesting Platform</h4>
<p>Scientists at the National Center for Nanoscience and Technology (NCNT) in Beijing were able to design a single platform to harvest both solar and wind energy (<strong>Figure 1</strong>). It integrates a triboelectric nanogenerator (to convert wind energy into electricity) with a highly efficient solar cell. The component was tested to produce 8mW of power on the solar side, and up to 26mW by the wind harvester, which translates to high power density for a 120mm &times; 22mm &times; 2mm platform.</p>
<p>This hybrid nanogenerator was designed mainly as a source of renewable energy for smart cities. However, it can also power embedded and IoT devices.</p>
<p style="margin-left:.5in;"><img alt="" src="/blog/Portals/11/Bhattacharjee_Energy%20Harvesting%20IoT%20Enabler_Figure%201.jpg" style="width: 600px; height: 700px;" title="" /></p>
<p><em><small><strong>Figure 1</strong>: Illustration of hybrid solar and wind harvesting cells. (Source: NCNT)</small></em></p>
<h4>RF Energy Harvester</h4>
<p><a href="https://e-peas.com/products/energy-harvesting/rf/aem40940/">E-peas&rsquo;s AEM40904</a> is a tiny-footprint (5-mm &times; 5-mm) PMIC that extracts AC power from ambient RF sources. The boost converter has 94 percent efficiency and supports a very low power startup (380mV/3 &micro;W) and low RF input power levels (&minus;18.5dBm up to 10dBm).</p>
<p>The harvested energy can simultaneously power a wide variety of IoT and embedded systems, and store excess energy in rechargeable batteries and capacitors. System designers can explore this capability in wireless IoT applications such as wearables, home automation, industrial monitoring, etc., to extend battery lifetime.</p>
<div>
<h2>Final Thoughts</h2>
</div>
<p><a href="https://www.mouser.com/Embedded-Solutions/Energy-Harvesting-Modules/_/N-8t3zx">Energy harvesting systems (EHS)</a> are driving a fusion between harvesting energy and battery storage, not necessarily a replacement. When considering EHS for system design, the cost versus value is a major consideration. As EHS modules mature, the cost-prohibitive component can be expected to slide down. It is also important to weigh in use-case imperatives, for example, power management for factory equipment is quite different from agricultural sensors.</p>
<p>Some EHS experts consider photovoltaic, ambient RF, and vibration to emerge as the &ldquo;big three&rdquo; harvesting options, because of their relatively lower cost and ease of installation.</p>
<p>The electronic design should continue to focus on low power consumption. Designers can choose energy harvesting to address the needs of specific IoT use cases. When power isn&rsquo;t a constraint it is possible to offer many attractive features and security capabilities.</p>
1399How Gateways Can Secure IoT Architectureshttps://www.mouser.com/blog/how-gateways-secure-iot-architecturesAll,IoT,Security,SensorsFri, 10 Apr 2020 04:50:00 GMT<p><img alt="" src="/blog/Portals/11/Bhatt_Gateways%20Secure%20IoT%20Architectures_Theme%20Image.jpg" style="width: 600px; height: 338px;" title="" /></p>
<p><em><small>(Source: Immersion Imagery/Shutterstock.com)</small></em></p>
<p>In a marketplace where 26&nbsp;billion Internet of Things (IoT) devices are expected to go live by 2020 (Gartner), it is critical to secure the enormous amount of data that these devices would generate. Transmitting data to and from the cloud involves many intermediate hops that increase latency. As such, the cloud can&rsquo;t exclusively secure end-to-end IoT architectures. Designing security intelligence closer to IoT devices is a more meaningful solution for many reasons.</p>
<div>
<h2>Gateway: The Port of Entry in IoT Architectures</h2>
</div>
<p>In most IoT architectures, an <a href="https://www.mouser.com/blog/critical-role-of-gateways-iot">edge gateway</a> is where the bulk of the ingress and egress data are processed (<strong>Figure 1</strong>)<strong>.</strong> A gateway aggregates data over various network segments, which might be running Wi-Fi, <strong>Bluetooth</strong><sup>&reg;</sup>, Sigfox, cellular, or Ethernet. This mix of protocols adds to the attack surface, but the importance of securing this point-of-data ingestion and aggregation is significant. Real-time security analysis, filtering, and processing of security data at the edge gateway improve the security posture of traffic flows on premises as well as from and to the cloud.</p>
<p>The sheer scale of the IoT helps threats evolve rapidly. IoT gateways often have direct peer-to-peer connections with on-premises devices (similar to the broker in a&nbsp;Message Queuing Telemetry Transport network). In the event of an attack, the proximity of security-hardened gateways provides a rapid response for controlling and minimizing damage to enterprise assets.</p>
<p><img alt="" src="/blog/Portals/11/Bhatt_Gateways%20Secure%20IoT%20Architectures_Theme%20Image_Figure%201.png" style="width: 600px; height: 368px;" title="" /></p>
<p><em><small><strong>Figure 1</strong>: Edge gateway diagram (Source: Texas Instruments)</small></em></p>
<p>Another advantage of IoT gateway security is that it helps reduce a network&rsquo;s attack surface. When the gateway handles the bulk of the edge analytics and computing, IoT traffic has to traverse fewer hops, which reduces the risk of unauthorized access and man-in-the-middle attacks.</p>
<div>
<h2>Gateway as a Security Agent</h2>
</div>
<p><a href="https://www.mouser.com/applications/industry-40/">Industry 4.0</a> use cases involve legacy networks, protocols (e.g.,&nbsp;Modbus), and devices that are connected to industrial IoT infrastructure through gateways. Open connectivity exposes legacy equipment to new threats that they were never designed to encounter. In such scenarios, the only option is to integrate security features in the IoT gateway, which acts as a security proxy for the legacy equipment it connects.</p>
<p><a href="https://www.mouser.com/blog/critical-role-of-gateways-iot">IoT gateways</a> also act as security agents for resource-constrained IoT devices, sensors, and actuators that lack the CPU horsepower, battery life, and storage to handle complex cryptographic security functions such as secured access, authentication, and encryption.</p>
<p>On virtualized platforms on which multiple virtual devices run on a hypervisor, the virtual gateway instance can act as the trust anchor for the entire hardware platform. It can execute various trust functions, such as mutual authentication, certificate-based access control, remote boot, update attestation, firewalling, and deep packet inspection. The software-based security functions are isolated from each individual virtual machine&rsquo;s guest operating system. This configuration is analogous to deploying a security gateway inside the device rather than in front of it.</p>
<div>
<h2>Designing Security for IoT Gateways</h2>
</div>
<p>Considering these use cases, an IoT gateway must always be designed to secure threat-prone IoT architectures. IoT gateway security has two aspects.</p>
<ul>
<li>Secure the devices</li>
<li>Secure the gateway.</li>
</ul>
<p>In IoT environments, both the devices and the gateway are prone to various threat vectors, including spoofing, denial-of-service, hardware or software tampering, data theft, and elevation of privilege. Considering the intended use cases where the gateway would be deployed, you can use various threat-modeling techniques to identify the security controls to be implemented in the gateway to protect IoT devices. For example, when an IoT gateway acts as a security proxy for legacy networks and devices, it can implement firewalls (hardware-based or software-defined), rule-based traffic filtering, and whitelisting.</p>
<p>It&rsquo;s important to note that these security features are designed to protect devices connected to the gateway; unless the gateway itself is secured, all accompanying security technologies would become useless if the gateways were compromised. To secure the gateway, it must be designed with endpoint security controls.</p>
<h2>Identity and Access Control</h2>
<p>The gateway needs a root of trust to identify itself on the network before it can participate in data exchange. A gateway can be designed as a trust anchor and equipped with key-based access control to grant access to authorized users and devices only. To protect the secrets (keys and certificates), secured storage or vaults can be implemented.</p>
<p>Often, gateways are exposed to extreme outdoor environments. Tamper-resistant hardware can protect them from physical damage.</p>
<h2>Over-the-Air Updates and Secure Boot</h2>
<p>Over-the-air updates ensure that the gateway is running the latest software and firmware free from common vulnerabilities and exposures. Secure boot enables the gateway to boot firmware images whose integrity and authenticity have been cryptographically verified. This precaution prevents booting the gateway with malicious firmware.</p>
<h2>Visibility and Threat Detection</h2>
<p>Fine-grained event logging provides sufficient visibility into the processes running in the gateway, which is useful for security audits and also automates threat detection and troubleshooting. In IoT environments, where accessibility could be constrained, it&rsquo;s more practical to automate threat detection by using machine learning or artificial intelligence. Machine learning enables us to identify behavioral baselines and can detect or even prevent anomalies.</p>
13815G Makes AVs Data Centers on Wheelshttps://www.mouser.com/blog/5g-makes-avs-data-centers-on-wheelsAllAutomotive,Computing,IoT,WirelessMon, 06 Apr 2020 05:01:00 GMT<p><img alt="" src="/blog/Portals/11/Bhatt_5G%20and%20V2X_Theme%20Image.jpg" style="width: 600px; height: 450px;" title="" /></p>
<p><em><small>(Source: Rittis/Shutterstock.com)</small></em></p>
<p>Driverless, autonomous transportation is a grand dream of this decade. What&rsquo;s needed to make this dream a reality is a unique combination of technologies that overcomes the overarching challenges of autonomous driving.</p>
<div>
<h2>A Quest for the Perfect Match</h2>
</div>
<p>Autonomous vehicles (AVs) need to handle an unprecedented amount of information in real time. For example, to avoid collisions, detect obstacles and pedestrians, and notice a free parking spot, a high volume of metadata must be exchanged among the vehicles, the city infrastructure (e.g.,&nbsp;traffic lights, public safety systems), fog/cloud service providers, and even automakers. According to Intel<sup>&reg;</sup>, 3.9TB (terabytes) of data must be processed for one such vehicle per day. That&rsquo;s the equivalent of the daily data usage of 2,666 internet users. Car components such as ultrasonics, radar, global positioning system, cameras, and infotainment systems all add up to this data surge.</p>
<p>The Institute of Electrical and Electronics Engineers and the US Department of Transportation are among the leading contributors to developing new standards for the secure and scalable exchange of data among vehicles (vehicle to vehicle [V2V]), vehicle to infrastructure (V2I), vehicle to network (V2N), vehicle to pedestrian (V2P)&mdash; collectively known as <em>vehicle to everything</em> (V2X).</p>
<p>But, V2X standards alone won&rsquo;t be enough. For vehicles to make complex, autonomous decisions in real time without sabotaging road safety, V2X systems must be orchestrated with a mobile communication ecosystem whose speed and data processing clout can match human reflexes. The reported accidents involving self-driving road tests in recent years emphasize this requirement. Among the 3rd Generation Partnership Project (3GPP) wireless standards, 5G is geared to meet these requirements.</p>
<div>
<h2>How Does 5G Fit into V2X Use Cases?</h2>
</div>
<p>The common premise of AVs is that they continuously sense the observed environment to select their driving trajectories in real time. In bandwidth-constrained radio environments, they have to deal with a high level of noise and interference and a highly dynamic configuration of external entities. To support V2X use cases, high data throughput is not enough. The network infrastructure must also support low-latency, high-reliability network and data security across diverse communication ranges.</p>
<p>Common V2X use cases that can eventually lead to fully connected automated vehicles include:</p>
<ul>
<li>Cooperative awareness (e.g.,&nbsp;emergency vehicle warning);</li>
<li>Cooperative sensing (exchange of raw sensor data);</li>
<li>Cooperative maneuver (coordination of the trajectories among vehicles for a lane change, platooning, intersection control, etc.);</li>
<li>Vulnerable road user&mdash;that is, notiﬁcation of pedestrians, cyclists, etc.; and</li>
<li>Road traffic efficiency (dynamic update of routes, maps, etc.).</li>
</ul>
<p>To support these use cases, more than one wireless technology may be relevant. For example, for short-range, direct communication among devices (V2V, V2I, and V2P) there&rsquo;s no dependency on the network for scheduling. <a href="https://arxiv.org/ftp/arxiv/papers/1310/1310.0116.pdf">3GPP Release 12/13 LTE Proximity Services</a> device-to-device interface can be used to reliably transfer large amounts of data among neighboring vehicles with ultra-low latency. In the case of device-to-network (V2N) communication, traditional cellular cloud services are necessary where 5G New Radio technology is an appropriate choice for what it promises.</p>
<h3>Connectivity and Performance</h3>
<p>Scaled data and devices are the top challenges of the self-driving era. Compared with 4G/LTE, 5G offers 1,000 times more bandwidth per unit area, 10,000 times more traffic, and 100 times more connected devices per unit area. 5G small-cell technology using millimeter wave bands is more spectrum efficient, which is a big plus for bandwidth-constrained V2X environments.</p>
<h3>Reliability</h3>
<p>5G promises ultra-low latency (&gt;1&nbsp;millisecond) that meets the reliability expectations of mission-critical V2X use cases. Relatively speaking, wireless data are easier to intercept and more vulnerable to man-in-the-middle attacks. 5G is expected to improve security by including mutual authentication, local secure elements, Transport Layer Security, 99.999&nbsp;percent availability, and over-the-air firmware updates for 5G electronics.</p>
<h3>Network Slicing</h3>
<p>Much like virtual machines on virtualized hardware platforms, the network slicing feature of 5G can support diverse classes of automotive services from different providers over the same infrastructure. It would allow, for example, the telecom operator, the road operator, and the automaker to offer different services to the vehicle and its passengers over a common 5G infrastructure.</p>
<div>
<h2>Requirements and Design Considerations for 5G V2X</h2>
</div>
<p>To connect vehicles and the back-end infrastructure, 5G V2X applications require new design requirements for the communication systems. 5G V2X specifications are <a href="https://www.3gpp.org/release-16">part of 3GPP Release&nbsp;16</a>.</p>
<p>Industry forums such as 3GPP and the 5G Automotive Association have identified use case&ndash;specific performance requirements for 5G V2X systems in terms of latency, reliability, and data rate. 3GPP identified the following five Categories of Requirements for 5G V2X.</p>
<ul>
<li><strong>General aspects.</strong> Interworking, communication-related requirements valid for all V2X scenarios</li>
<li><strong>Vehicles platooning.</strong> Vehicles traveling together with an extremely small distance between them</li>
<li><strong>Advanced driving:</strong> Semi-automated or fully automated driving</li>
<li><strong>Extended sensors.</strong> Information exchange of all V2X-enabled devices and network elements</li>
<li><strong>Remote driving.</strong> Operators control driving remotely (e.g.,&nbsp;in dangerous environments)</li>
</ul>
<p>It is important to note that the requirements for 5G V2X systems depend on use case scenarios (<strong>Figure 1</strong>). A typical lane change needs much less stringent latency/delay and reliability requirement than a cooperative maneuver in an emergency situation.</p>
<p>&nbsp;</p>
<p><img alt="" src="/blog/Portals/11/Bhatt_5G%20and%20V2X_5G%20V2X%20Table.png" style="width: 600px; height: 307px;" title="" /></p>
<p>&nbsp;</p>
<p><em><small><strong>Figure 1</strong>: The figure presents the latency and data rate V2X requirements for 5G, as defined in the 3GPP guidelines. These requirements are undergoing fine-tuning based on inputs from automobile original equipment manufacturers. (Source: <a href="(Source:%20Use%20Cases,%20Requirements,%20and%20Design%20Considerations%20for%205G%20V2X/arxiv.org)">Use Cases, Requirements, and Design Considerations for 5G/ V2X</a>/arxiv.org)</small></em></p>
<div>
<h2>Conclusion</h2>
</div>
<p>AVs are essentially data centers on wheels; they rely heavily on computing power at the edge. To transfer a week&rsquo;s worth of self-driving car data over an advanced Wi-Fi connection, today it would take 230&nbsp;days. As such, disruptive innovations in products and application-specific integrated circuit processing technology for new radio and antenna architectures are essential for supporting 5G V2X.</p>
1378Hardware-based Trust Is Critical for Securing IoThttps://www.mouser.com/blog/hardware-based-trust-critical-securing-iotAll,IoT,SecurityTue, 31 Mar 2020 03:37:13 GMT<p><img alt="Closeup of a red-hued circuit board connected to a CPU with a red hacker symbo" src="/blog/Portals/11/Bhattacharjee_Hardware-based%20trust%20for%20securing%20IoT_Theme%20Image-min.jpg" style="width: 600px; height: 338px;" title="Closeup of a red-hued circuit board connected to a CPU with a red hacker symbo" /></p>
<p><em><small>(Source: BeeBright/Shutterstock.com)</small></em></p>
<p>In a connected ecosystem, the consequences of a cyber-attack often defy our imagination. During the security breach of the Ukrainian power-grid in 2015, hundreds of thousands of people lost electricity for hours. The attackers not only knocked off the circuit breakers, but they could also remotely access the utility&rsquo;s Supervisory Control And Data Acquisition (SCADA) systems, wipe out hard disks from the controlling systems, and even infect the firmware of the critical subsystems. Malicious firmware updates are irreversible. So the only option was to fully replace those subsystems.</p>
<p>Attacks such as these compel us to think beyond our conventional approach to cybersecurity. Because of network connectivity, Internet of Things (IoT) devices and sensors are highly vulnerable to remotely launched exploits that pose serious threats for critical infrastructure, healthcare systems, financial systems, and the privacy and safety of individuals. <strong>Table 1</strong> summarizes possible threats those span across the IoT stack.</p>
<p><em><small><strong>Table 1</strong>: Threats and Vulnerabilities of IoT Endpoints table. (Source: Practical Industrial Internet of Things Security, Packt Publishers)</small></em></p>
<p><img alt="Threats and Vulnerabilities of IoT Endpoints table" src="/blog/Portals/11/Table%201-min.png" style="width: 650px; height: 394px;" title="Threats and Vulnerabilities of IoT Endpoints table" /></p>
<p>To secure traditional computing, it was probably OK to employ software-based controls. But IoT demands a much stronger security foundation.</p>
<div>
<h2>IoT Operations Mandate Foolproof Security</h2>
</div>
<p>In IoT use cases, runtime requirements and threats significantly differ from traditional IT settings.</p>
<h3>Protection of Data and Device Identity</h3>
<p>When &ldquo;things&rdquo; communicate&mdash;in addition to protecting the privacy and integrity of the data&mdash;it is crucial to correctly identify the source and recipient of the data. Device identity protection requires the following features, which necessitates hardware-based security design:</p>
<ul>
<li>Secure OS</li>
<li>Boot integrity</li>
<li>Secure storage of keys and secrets</li>
</ul>
<h3>Long, Uninterrupted Lifespan</h3>
<p>Whether security cameras, assembly belts, or industrial robots, embedded systems and industrial equipment are expected to run uninterrupted for years with minimal human intervention. Reliability, safety, efficiency, and productivity are critical expectations from these systems. During maintenance downtimes, operators are extremely cautious while applying software updates that could compromise their reliable operations.</p>
<h3>Resource-constrained Systems</h3>
<p>Memory and CPU footprint of connected microcontrollers, sensors, and actuators are minuscule. Power availability and connection bandwidth are also limited. Full stack software security is not an option in such cases. Also, because of direct exposure to physical attacks and harsh environmental conditions, the hardware must be tamper-proof. System on Chip (SoC) design, crypto accelerators, and security coprocessors are more viable options in resource-constrained scenarios.</p>
<h3>Updates are Difficult to Execute</h3>
<p>Embedded devices (e.g., connected turbine in a hydro-electric dam) are often placed in remote locations and accessibility can be challenging. The maintenance availability windows are infrequent and machine maintenance is more concerned about reliability than regular software updates. All these make updates difficult to apply, as evident in many industrial systems still running on Windows XP.</p>
<h3>Stronger Defense to Complex Threats</h3>
<p>A security strategy for connected devices encompasses:</p>
<ul>
<li>Boot and firmware update integrity</li>
<li>Isolation of security codes and keys, and</li>
<li>Protection against physical tampering and remote attacks</li>
</ul>
<p>Secured OS and runtime environment in hardware greatly minimizes exposure to generic exploits in Windows and other popular software platforms.</p>
<div>
<h2>Embedding Security in Hardware</h2>
</div>
<p>To secure a connected device, the first step is to establish a trust anchor. Root-of-Trust (RoT) determines the highest level of trust attainable by a device. A compromise on the RoT compromises trust for the entire system. Traditional computers mostly rely on a software-based trust anchor. But tamper-resistant hardware-based root-of-trust (RoT) can be demonstrated to behave reliably in a significantly higher percentage of attack scenarios.</p>
<div>
<h2>Hardware Security Components</h2>
</div>
<p>A trust zone can be established either in the same microprocessor or in a dedicated security processor. Many new devices include field-programmable gate arrays (FPGA). FPGAs are reprogrammable in the field. This is a major advantage when upgrading firmware for IoT devices. FPGA units might also include a CPU coprocessor to execute security-related housekeeping functions.</p>
<ul>
<li><strong>Crypto-accelerators </strong>in a small form factor are good candidates for embedding cryptographic capabilities. Hardware security modules (HSMs) provide physical isolation of security functions in the same hardware platform. A TPM&mdash;defined in ISO and TCG standards&mdash;is usually a security chip embedded in the motherboard.<br />
&nbsp;</li>
<li><strong>HSMs and TPMs</strong> can provide strong tamper resistance, cryptographic key storage, key generation using hardware random number generators (RNGs), strong authentication, boot integrity protection, and firmware integrity measurements.<br />
<br />
A device contains many secrets such as passwords, shared secrets, and data encryption keys, which need protection as well. Unauthorized disclosure of these keys could compromise that device, and possibly the broader ecosystem (e.g., IoT botnets).<br />
<br />
Secrets stored in the TPM can offer significant protection against loss through physical, software, or network interfaces. However, the limited power of the TPM&#39;s crypto engine might impact signing throughput in scaled environments&mdash;especially for high-end endpoints, such as servers, routers, and gateways.<br />
<br />
A possible solution is to hold the keys at rest in the TPM&#39;s encrypted storage, but, when in use, release them for access to platform software, or perhaps a high-throughput crypto engine. This mechanism is part of trusted computing architecture (known as &ldquo;sealing&rdquo;). Keys&mdash;or other secrets&mdash;are stored in the device&#39;s file system, in an encrypted file that can only be decrypted with keys released from the TPM when a predefined set of criteria are met.</li>
</ul>
<p>During product development, it is also worthwhile to consider whether security should be applied in an embedded or removable form factor. In the case of mobile handsets, for example, a removable secure element can simplify porting the stored credentials from one device to another. For many IoT applications (e.g., telematics or infotainment modules in a connected vehicle), an embedded secure element is more appropriate.</p>
<div>
<h2>Conclusion</h2>
</div>
<p>As millions of connected devices enter the market every year, time-to-market pressures coupled with pressures to save on space and cost are huge. Besides security standards specific to IoT are yet to solidify. These factors often lead to weaker security design. The growing number of reported IoT attacks, vulnerabilities, and exploits by hackers highlights the imperative to harden secure development lifecycle for IoT.</p>
<p>System designers can leverage the hardware security components and platforms from vendors such as Samsung, Infineon, Microchip which in addition to trust zone technology offer secure boot, secure key storage, and chip-level tamper resistance.</p>
1375How Edge Computing Re-defines IIoT Appshttps://www.mouser.com/blog/how-edge-computing-re-defines-iiot-appsAll,Industrial,IoTFri, 27 Mar 2020 04:47:49 GMT<p><img alt="" src="/blog/Portals/11/Bhattacharjee_Edge%20Computing%20Re-defines%20IIoT%20Apps_Theme%20Image-min.jpg" style="width: 600px; height: 382px;" title="" /></p>
<p><em><small>(Source: Wright Studio/Shutterstock.com)</small></em></p>
<p>Unlike enterprise IT, industrial applications operate in &ldquo;&lsquo;real-world&rsquo;&rdquo; environments and extreme outdoor conditions. Consider the example of a military drone deployed in a rugged, remote combat terrain to gather mission-critical surveillance data. The weather conditions are extreme, and internet connectivity is intermittent. In spite of these circumstances, the drone has to collect data, and then process and communicate the data in real-time. In addition, the drone has to make intelligent decisions based on data analytics. Reliance on cloud computing alone would be impractical in such scenarios. For time-sensitive, real-time actions, much of the processing, storage, and analytics must happen locally in the drone itself. That&rsquo;s where edge computing comes in.</p>
<div>
<h2>Edge Computing Marks a New Era for IIoT</h2>
</div>
<p>Cloud computing has been a central component in Internet of Things (IoT) architectures to process and analyze sensor data and to generate actionable insights. Processing data in centralized datacenters or third-party cloud facilities require additional transit to and from the cloud for every decision. The associated delay is unacceptable for time-sensitive industrial applications such as military drones, energy power plants, connected fleets, etc.</p>
<p>Each bit of data sent to the cloud costs money and precious bandwidth. Reliable internet connectivity is a major requirement to transport data. Besides, due to a single point of failure, a security breach in the cloud could adversely affect mission-critical industrial applications.</p>
<p>Edge computing complements cloud computing. In edge (or fog) computing, <a href="https://www.mouser.com/blog/blogpage/9/postid/0/blog/edge-security-in-an-insecure-world" target="_blank">much of the processing gets done on-premise, near the source of data.</a> In many cases, this could mean that compute, storage, and analytics happens in edge gateways collocated with the IoT devices. An autonomous vehicle, for example, can make immediate maneuvers and control decisions while driving on the road by processing time-series data in the vehicle itself.</p>
<p>Edge computing devices usually are lightweight and supported on a wide variety of form factors. Sometimes edge computing can also refer to a hardware-agnostic software component that can run on on-premise hardware or in virtualized environments.</p>
<p>Edge computing is a major breakthrough for Industrial Internet of Things (IIoT) applications as it meets some of their fundamental requirements.</p>
<p><strong>Real-time decisions</strong>: By processing data near its source, latency could reduce from minutes to milliseconds. Smart grid distribution networks, for example, have highly time-sensitive control and protection loops. When an anomaly is detected in the grid network, edge computing corrective control commands can be immediately sent to actuators in real time. Localized computing doesn&rsquo;t rely on network connectivity. So reliable performance is guaranteed even where connectivity is intermittent.</p>
<p><strong>Overcome big-data challenges</strong>:Industrial applications involve a high volume of time-series data. Not all of this data requires the massive computing power of data centers. Local processing significantly reduces the burden of uploading data to the cloud. Moreover, machine-learning applications can run more efficiently to detect anomalies, and to predict failures.</p>
<p><strong>Expedite IoT Integration with legacy platforms</strong>: Edge gateways have protocol translation capabilities that support data processing for legacy equipment running proprietary technologies, which cannot otherwise integrate with the open networks.&nbsp;</p>
<p><strong>Improve data security</strong>: Edge computing allows the management of a large number of assets within firewalls and reduces the attack surface by limiting round-trip data transfer to the cloud. Edge computing, however, is not a replacement of cloud computing. Offloading less resource-intensive tasks to the edge enables smarter industrial applications. Advanced analytics, which are less time-sensitive, still rely on powerful cloud-based services. The edge and the cloud both maintain device state information (digital replica) synchronized with the physical device in quasi-real-time, as illustrated in <strong>Figure 1</strong>.</p>
<p><img alt="" src="/blog/Portals/11/Edge%20Computing%20Figure%201.png" style="width: 600px; height: 339px;" title="" /></p>
<p><em><small><strong>Figure 1:</strong> Edge and Cloud computing are state-synchronized. (Source: Practical Industrial Internet of Things Security, Packt Publishers)</small></em></p>
<p>Let&rsquo;s revisit the example of a military drone: While the drone is airborne, edge-computing enables it to communicate with ground troops and the command center in real-time without having to rely on cloud connectivity and the associated latency. After returning to the base station, the drone can upload data to the cloud for advanced analytics and insights. Thus for IIoT apps, edge and cloud computing work together.</p>
<div>
<h2>Securing the Edge</h2>
</div>
<p>Because of exposure to extreme outdoor conditions and physical tampering, it is important to design edge devices with adequate security controls such as secure device operating system, tamper-resistant hardware, and hardware-based root-of-trust, and key storage. The operating system needs to support secure boot and updates, encrypted tunnels for data transport, policy-based whitelisting, etc.&nbsp;</p>
<div>
<h2>New Opportunities for Hardware Manufacturers</h2>
</div>
<p>Cloud computing technologies are mostly sector-agnostic. Both banking and healthcare applications, for example, can utilize the same cloud platform. Edge computing, however, involves use-case specific requirements for processing, storage, latency, etc. The latency requirements in a deep-water drilling application are quite different from that in a smart power grid. This opens wide opportunities across industries for edge computing hardware.</p>
<p>A market study by McKinsey and company covered 11 industry sectors including more than 100 use cases where edge computing hardware represents a potential value of $200 billion by 2025. The hardware value includes opportunity across the various components of the full stack namely, sensor, processor, on-device firmware, and storage.</p>
<p>The edge software is usually based on Docker containers and agnostic of both the underlying hardware and the operating system.</p>
<div>
<h2>Conclusion</h2>
</div>
<p>Edge computing is a major breakthrough for IIoT as it enables mission-critical IIoT applications to operate in real-time. The technology improves bandwidth utilization, saves money by reducing opex, and allows smooth operations even where internet connectivity is intermittent. Also, edge computing does not replace but augments cloud computing, opening new market opportunities for hardware vendors.</p>
1374The Critical Role of Gateways in IoThttps://www.mouser.com/blog/critical-role-of-gateways-iotAll,Industrial,IoTSat, 30 Nov 2019 05:58:00 GMT<p><img alt="" src="/blog/Portals/11/Bhattacharjee_The%20Critical%20Role%20of%20Gateways%20in%20IoT_Theme%20Image.jpg" style="margin-left: 10px; margin-right: 10px; float: left; width: 250px; height: 146px;" title="" /></p>
<p>During the early days of networking, the term &ldquo;gateway&rdquo; essentially meant hardware capable of protocol translation. As the internet evolved, routers and switches became the dominant network gears, and we almost forgot about gateways, until recently, with the advent of the Internet of Things (IoT).</p>
<p>Today, it&rsquo;s almost impossible to design an IoT use case without using a gateway. Depending on the scope of the architecture, there could be several gateways, each performing a different role. No wonder, the rapidly expanding IoT gateway market is expected to ship more than 139 million units by 2021. These findings are from ABI Research&rsquo;s M2M/IoT Routers and Gateways, QTR 3 2019 report.</p>
<p>What made gateways so crucial for IoT?</p>
<div>
<h2>IoT Gateways Are More Than Just&hellip; &lsquo;Gateways&rsquo;</h2>
</div>
<p>At its simplest form, an IoT gateway may just be a piece of hardware or software to collect and aggregate data from I/O devices like sensors. The gateway then communicates the data to servers either in local data centers or in the cloud. In such a simplified context (e.g., in MQTT), the gateway functions as a &ldquo;broker&rdquo;.</p>
<p>However, in a marketplace where Gartner<sup>&reg;</sup> Inc. expects 20 billion IoT devices to go live by 2020, and vendors are touting various gateway capabilities, it&rsquo;s easy to confuse the role of IoT gateways. So let&rsquo;s size up the essential functions of gateways in IoT. &nbsp;&nbsp;&nbsp;</p>
<h2>Edge/Fog Computing</h2>
<p>The most common usage of IoT gateways is as edge devices, to the extent that a few vendors market them as &lsquo;edge&rsquo; gateways. As shown in <strong>Figure 1</strong>, the edge gateway can either directly connect to IoT field equipment (sensors, actuators, etc.) or through programmable logic controllers (PLCs), distributed control system (DCS), industrial control system/supervisory control and data acquisition (ICS/SCADA) etc. which aggregate field data. These gateways need to support a wide variety of I/O interfaces, including wired, wireless, and even serial connections (e.g., RS-232).</p>
<p>In such scenarios, gateways serve two main objectives:</p>
<ol>
<li>Allow more &ldquo;things&rdquo; to go live by providing connections at industrial scale</li>
<li>Support disparate protocols&mdash;from Modbus, BACnet, to Zigbee<sup>&reg;</sup>, Wi-Fi<sup>&reg;</sup>, 4G/5G, etc.</li>
</ol>
<p><img alt="" src="/blog/Portals/11/IoT%20Gateway%20-Figure%201.png" style="width: 600px; height: 434px;" title="" /></p>
<p><em><small><strong>Figure 1</strong>: Gateways are used at multiple levels in IoT architectures (Source: Practical Industrial Internet of Things Security)</small></em></p>
<p>But a more critical role of edge gateways is localizing on-premise computing. Each bit of data sent to the cloud costs money, bandwidth, and latency. Instead of sending all data to the cloud, edge gateways distribute the processing workload among its native CPUs, or across fog nodes, and sends only meaningful data to the cloud.</p>
<p>Edge gateways are usually equipped with processing horsepower (e.g., Dell uses Intel&rsquo;s dual-core Atom processors), and software intelligence that includes filtering, analytics, and secure elements.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</p>
<h2>Industry 4.0 and &ldquo;Brownfield&rdquo; Scenarios</h2>
<p>In industrial companies, legacy equipment is a major barrier to adopting IoT. Due to the long lifespan of industrial equipment, instead of replacing legacy gear, a viable option is to integrate legacy gear in Industrial IoT (IIoT) architectures. But how?</p>
<p>Some of the common challenges with legacy products are they:</p>
<ul>
<li>Use proprietary software stack, OS, and protocols</li>
<li>Lack capabilities for regular software and firmware upgrades</li>
<li>Lack built-in security</li>
</ul>
<p>To ease IoT adoption in brownfield scenarios, or when new software is introduced to an information technology environment where legacy systems exists, IIoT gateways fill in those gaps as they can translate proprietary protocols, clean incoming data, add context to data, and act as a &ldquo;proxy&rdquo; to facilitate firmware updates, data access, and perform other security functions.</p>
<h2>Interoperate Segments and Verticals</h2>
<p>In industrial sites, network segments typically use different proprietary protocols. Over time, industrial information systems (i.e., data historian, asset manager, manufacturing execution systems, and so on) began to use variants of IP and Ethernet standards. However, these variants support only specific industry verticals. For example, power utilities use DNP3, DC-BUS connectivity protocols, while building automation relies on MODBUS, DAC-Net, etc.</p>
<p>This impacts interoperability across verticals. For example, in a smart city project, both building automation and utilities must interconnect. Converging connectivity across different verticals is another critical gap gateways fill in. They can also interconnect disparate networks within an industrial site.</p>
<h2>Advanced Capabilities</h2>
<p>At the high-end of the spectrum, IoT gateways serve as an interface between on-premise deployments and the cloud. These gateways run complex analytics algorithms and machine learning models on incoming data, handle factory automation, execute identity and authentication services, predictive analytics, etc. without cloud contact. These gateways often blur the line between gateways and IoT platforms.</p>
<div>
<h2>Peeking Inside an IoT Gateway</h2>
</div>
<p>IoT gateways include both software and hardware components. The software can run on dedicated or virtualized platforms. The software stack implements different functionalities e.g., protocol translation, data processing, storage, aggregation, and analytics.</p>
<p>As IoT applications evolve, so will the role of IoT gateways. To future-proof innovations, designing platform-agnostic gateway software is a fundamental imperative. Using platform-agnostic gateway software helps to avoid vendor lock-in and allows you to easily supplement new features. AWS Greengrass and Microsoft<sup>&reg;</sup> IoT Edge are examples of software-agnostic edge gateways.</p>
<p>Because gateways are exposed to outdoor conditions, it is important to design gateways for the extreme. Consequently, the hardware needs to be tamper-resistant and support a wide range of operating temperatures. Gateways with a &lsquo;fanless&rsquo; design require less power and are suitable for resource-constrained settings.</p>
<div>
<h2>Conclusion</h2>
</div>
<p>As an essential component in IoT architectures, the market for IoT gateways is fast expanding. Major players include HP Enterprise, Intel<sup>&reg;</sup>, Cisco, Dell, Fujitsu, Microsoft, IBM, Red Hat, Oracle, VMware, Huawei, Pivotal, among others.</p>
<p>With new IoT connectivity technologies and standards, the industry is well-positioned to roll-out newer gateways serving newer roles. It is indeed a great time to innovate and implement newer gateway electronics and software.</p>
<h2>Key points:</h2>
<ol>
<li>It&rsquo;s almost impossible to implement an IoT use-case without using a gateway.</li>
<li>The rapidly expanding IoT gateway market is expected to ship more than 139 million units by 2021.</li>
<li>In addition to edge aggregation, gateways play a crucial role in Industry 4.0 brownfield scenarios and smart city applications.</li>
<li>Gateway design requires special attention for secured operations in resource-constrained and extreme IoT environments.</li>
</ol>
1261PKI Certificate Standards for IIoThttps://www.mouser.com/blog/pki-certificate-standards-iiotAll,Industrial,IoT,SecuritySat, 02 Nov 2019 04:58:00 GMT<p><img alt="" src="/blog/Portals/11/Bhattacharjee_PKI%20Certificate%20Standards%20for%20IIoT_Theme%20Image.jpg" style="margin-left: 10px; margin-right: 10px; float: left; width: 250px; height: 187px;" title="" /></p>
<p>Since its early days of inception, Public Key Infrastructure (PKI) protected our internet-based economy. From simple web-browsing to complicated e-commerce, PKI has secured internet transactions on a global scale, as &ldquo;the pillar-of-trust&rdquo;.</p>
<p>But what about the internet of tomorrow?</p>
<div>
<h2>Trust and Integrity Are the Basics of a Secured Internet</h2>
</div>
<p>Until now, internet transactions employed a client-server model, where human users primarily communicated with web servers. In the Internet of Things (IoT), this client-server model is widely distributed, wherein devices communicate with other devices (machine-to-machine or M2M) and the cloud servers (machine-to-cloud or M2C) without human intervention.</p>
<p>When devices communicate autonomously, both the value and risk are tied directly to the degree of trust we attribute to them. In that sense, trust underpins the enormous economic and social promises of the IoT on an industrial scale (known as the Industrial IoT or IIoT). Trust attributed to a device determines the integrity of the data that it communicates. Just imagine the impact of insulin pumps or pacemakers relying on data from spoofed sources. Ensuring trust is thus all the more important to secure the IoT. The question is, as a tried and tested open standard, to what extent can PKI help?</p>
<div>
<h2>IIoT Security and PKI Certificates</h2>
</div>
<p>In M2M communications, devices must mutually authenticate. This can be done in multiple ways.</p>
<ul>
<li><strong>Password-based authentication</strong> &ndash; Due to time-to-market, cost, and other pressures, IoT manufacturers often implement the simplest option, namely, username with default passwords. Passwords are widely used in client-server applications. Though this option is the easiest to implement, password-based authentication proves too simple to combat the sophistry of today&rsquo;s hackers. Also, password authentication can be a less suitable option due to the autonomous nature of M2M scenarios. The security breaches where IoT devices were compromised to create IoT botnets exploited this very fact.<br />
&nbsp;</li>
<li><strong>Encrypted key-based authentication</strong> &ndash; Many embedded devices use key-based authentication where keys are used as secrets. Encrypted keys are more complex and stronger than passwords. However, keys are not attested and can be spoofed and tampered, especially when the devices are vulnerable to physical access, which is very common in IoT use cases.<br />
&nbsp;</li>
<li><strong>PKI digital certificates</strong> &ndash; PKI digital certificates go a few steps further to establish trust. Certificate-based authentication in PKI uses the public-key cryptography, where the public key is signed by a trusted certificate authority (CA).</li>
</ul>
<p>Due to its robust trust model, much of the security community today is gravitating towards PKI to secure IIoT. However, PKI certificates are considerably resource-intensive, which is a concern for resource-constrained IIoT devices. Issuing, managing, and revoking certificates is also a concern in highly scaled and autonomous IIoT scenarios.</p>
<p>The pressure is high to innovate and evolve traditional PKI to adapt to the massive scale and diversity of devices, data, and connections in IIoT. The evolution must address both PKI certificate standards and certificate lifecycle management.</p>
<div>
<h2>ITU-T X.509 Certificates</h2>
</div>
<p>X.509 is the most widely used PKI certificate standard. X.509 certificates use a hierarchical format to embed the necessary information to certify the machine. Each certificate has a field for the validity period, and the associated public key issued by the CA.</p>
<p>Due to its vast popularity, the X.509 standard is experiencing rapid adoption among manufacturers of IoT devices and platforms. Some device manufacturers install the public/private key pair, which is certified and signed by the manufacturer. When various vendors along the supply chain&mdash;e.g., chipset manufacturers, OEMs, and the device owners&mdash;add their respective signed certificates, the resulting chain of trust drastically improves device integrity and authenticity.</p>
<p>The robust integrity of X.509 certificates comes at the cost of their size, which is a major drawback for low-footprint IIoT devices like sensors, microcontrollers, etc. Unless adequate storage exists for the encrypted keys, and sufficient power and CPU, implementing X.509 certificates could pose a challenge.</p>
<div>
<h2>IEEE 1609.2 Certificates for IIoT</h2>
</div>
<p>The IEEE 1609.2 certificate is an emerging standard to address the unique requirements of IIoT. The 1609.2 certificate is half the size of X.509. Using elliptic curve cryptographic (ECC) algorithms, IEEE 1609.2 reduces computational overhead without sacrificing cryptographic strength.</p>
<p>Right now, the 1609.2 standard is primarily led by the US Department of Transportation (USDOT) to build a trust model for their connected vehicle program. It addresses various constraints specific to mobile endpoints in congested, low-bandwidth environments.</p>
<p>The IEEE 1609.2 certificates support certificate trust chaining and peer-to-peer certificate distribution, which are relevant to connected vehicle-to-everything (V2X)&mdash;which includes vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), etc.&mdash;communications. For M2M scenarios in general, involving one-to-many and many-to-one data transfers, 1609.2 certificates are useful. But, they are not suited for persistent security sessions.</p>
<div>
<h2>Final Thoughts</h2>
</div>
<p>Since the public internet and enterprise IT applications use server-authentication, PKI was originally designed to issue certificates only to the web servers. The number of certificates needed was less, and certificate authorities were only a handful.</p>
<p>In IIoT, that legacy PKI scheme has been totally disrupted. To prevent unauthorized communications with rogue endpoints, the communicating device endpoints must authenticate each other. Although certificates can provide a robust way of mutual authentication, it requires every device to have its own certificate. As the number of IoT devices scale to millions, so does the number of certificates. Thus, manual provisioning and management of certificates of legacy PKI can&rsquo;t scale for IIoT. Currently, many newer ways of certificate management are emerging to ease the complexity of PKI adoption.</p>
<p>However, whether designing a chip, electronic board, or a device, when it comes to the trust model, we can&rsquo;t ignore PKI. As a well-established, interoperable trust framework, our focus should be to resolve any shortcomings of PKI certificates instead of bypassing them altogether.</p>
<h3>Key Points:</h3>
<ol>
<li>As a tried-and-tested technology, much of the security community today is gravitating towards PKI to secure Industrial IoT (IIoT).</li>
<li>PKI certificate standards and their management present several challenges in IoT environments.</li>
<li>In addition to X.509 certificates, IEEE 1609.2 PKI standard is being developed specifically for IIoT use cases.</li>
<li>Currently, many newer ways of certificate management are emerging to ease the complexity of PKI adoption in IIoT use cases.</li>
</ol>
1244Time-Sensitive Networking (TSN) Bolsters Industrial Controlhttps://www.mouser.com/blog/time-sensitive-networking-bolsters-industrial-controlAll,Automation,Industrial,IoTSat, 08 Jun 2019 01:00:00 GMT<p><img alt="Time-Sensitive Networking Bolsters Industrial Control Theme Image" src="/blog/Portals/11/Bhattacharjee_TSN%20Bolsters%20Industrial%20Control_Theme%20Image.jpg" style="margin-left: 10px; margin-right: 10px; float: left; width: 250px; height: 109px;" title="Time-Sensitive Networking Bolsters Industrial Control Theme Image" /></p>
<p>Determinism is an important factor in industrial connectivity design. Applications for industrial control and automation require data to be sent and received at specific time intervals. These applications also mandate guaranteed data delivery with low, bounded latency. A loss of data (e.g., in the case of a mission-critical jet propulsion system) could cause dangerous consequences.</p>
<p>IEEE 802.1 Ethernet, a widely deployed enterprise networking standard, was not designed to meet these deterministic requirements of industrial applications. To achieve determinism, proprietary enhancements to Ethernet (such as EtherCAT, PROFINET, or SERCOS III) are still used in industrial connectors, cables, and controllers. The result has been fragmented industrial networks. Due to the lack of security and interoperability, segmented networks are a bottleneck to integrate industrial control networks with Industrial IoT (IIoT) and Industry 4.0 applications.</p>
<p>As an evolution to the IEEE 802.1 Ethernet standard, Time-Sensitive Networking (TSN) addresses these problems head-on. In addition to the benefits of standard Ethernet, TSN can provide determinism with bounded low-latency and jitter. This provides the roadmap to converge enterprise and factory connectivity. It&rsquo;s also a compelling reason for industrial companies to embrace IIoT.</p>
<div>
<h2>Time-sensitive Networking Standards</h2>
</div>
<p>In the past few years, IEEE&rsquo;s TSN task group added a series of extensions to existing 802.1 standards in order to enable packet transfer while adhering to the strict latency and throughput requirements for time-sensitive traffic over the same interconnected enterprise network. Latency and throughput are configurable to suit specific use cases.</p>
<p>The standards set the guidelines to split the time between time-sensitive and best-effort traffic. Eight VLAN priorities are defined to discern the various traffic types. Every end-to-end packet flow has one of the eight VLAN priorities assigned. The highest VLAN priority is typically assigned to time-sensitive traffic.</p>
<p>In vehicles, for example, safety (e.g., lane departure warnings) and engine timing related data require guaranteed latency. For navigation and infotainment traffic, the requirements are much less stringent. TSN is useful in such use cases as it can combine all the flows over the same Ethernet cable without compromising timing requirements. This reduces the cost, weight, and labor to install multiple cables in vehicles for various traffic types.</p>
<p><strong>Figure 1</strong> shows the suite of standards enhanced for TSN. TSN&#39;s key capability standards for time synchronization, scheduled delivery, and software-defined configuration are highlighted in the diagram.</p>
<p><img alt="IEEE 802.1 suite of standards enhanced for Time-Sensitive Networks Diagram" src="/blog/Portals/11/Bhattacharjee_TSN%20Standards.jpg" style="width: 600px; height: 273px;" title="IEEE 802.1 suite of standards enhanced for Time-Sensitive Networks Diagram" /></p>
<p><small><strong><em>Figure 1</em></strong><em>: IEEE 802.1 suite of standards enhanced for Time-Sensitive Networks (Source: Practical Industrial Internet of Things Security)</em></small></p>
<h3>Time Synchronization</h3>
<p>IEEE 802.1AS specifies the time synchronization in TSN, which helps to establish a common concept of time between communicating devices. The IEEE 1588 Precise Time Protocol (PTP) standard is used to distribute an accurate timing reference between devices and switches in the network. IEEE 1588ASrev provides the IEEE 1588 profile for TSN. This standard also allows for synchronizing time by using an external reference&mdash;such as a GPS. Pilot tests for TSNs reported time synchronization with less than 100-nanosecond accuracy.</p>
<h3>Traffic Scheduling</h3>
<p>IEEE 802.1Qbv defines a time-aware shaper that helps to prioritize traffic in TSN infrastructures. A time-aware shaper segregates data exchange into fixed length, repeating time cycles. Peers agree on TSN communication to divide these cycles into time slots. Each time slot can be assigned to one or more of the eight VLAN priorities.</p>
<p>TSN defines three traffic types:</p>
<ul>
<li>Scheduled traffic: Scheduled traffic examples include industrial automation and control traffic requiring bounded latency and zero congestion loss.</li>
<li>Best-effort traffic: Best-effort traffic consists of the general Ethernet traffic with no specific Quality of Service (QoS) requirements.</li>
<li>Reserved traffic: The reserved traffic type consists of frames allocated in different time slots with a specified bandwidth reservation.</li>
</ul>
<h3>Network and System Configuration</h3>
<p>IEEE 802.1Qcc defines the TSN system configuration. TSN uses a software-defined networking concept for the automated setup and configuration of devices and network equipment. Peers agree in advance on TSN configurations for timing, scheduling, and QoS metrics. These configurations are then provisioned across the various TSN endpoints and switches. Automation eases provisioning and management as well as improves the reliability and scalability of the networks.</p>
<div>
<h2>Building TSN Capable Industrial Products</h2>
</div>
<p>TSN is mainly relevant to industrial control and automation products in levels 0, 1, and 2 in the Purdue control hierarchy. Thus TSN enhancements apply to a wide variety of controllers, I/O devices, sensors, and actuators that currently use standard Ethernet or one of its proprietary variants. Industrial cables and connectors that are usually more rugged might also need to evolve with TSN.</p>
<p>TSN is currently at an early adoption phase. To maximize its benefits, ideally, TSN would need new Ethernet switches and TSN capable endpoints. But TSN is also designed for backward compatibility. Any Ethernet device should work normally in a TSN network. Protocol translators and gateways supporting TSN would be necessary for brownfield scenarios.</p>
<p>TSN enhancements to standard Ethernet are at layer 2 of the TCP/IP stack. As such, higher-layer communication standards remain unaffected by these enhancements. Many framework and application layer protocols such as OPC-UA are also adopting TSN.</p>
<p>Key industrial, embedded, and automotive vendors are coming together to define TSN requirements for various industry use-cases, and to extend TSN concepts to wireless networks.</p>
<div>
<h2>Conclusion</h2>
</div>
<p>Time-sensitive networking is a promising evolution to standard Ethernet as it extends the benefits of IIoT to tight-looped industrial control domains. As an emerging technology, TSN is still undergoing a lot of pilot testing in various incubation testbeds. However, it may not be too far when TSN-compliant products become the norm.</p>
<p><strong>Key Points:</strong></p>
<ul>
<li>IEEE 802.1 Ethernet cannot provide deterministic performance for industrial applications.</li>
<li>Time-sensitive networking is an evolution of standard Ethernet capable of deterministic capabilities.</li>
<li>TSN-capable products enable the upgrade of industrial control networks with open standards-based IP/Ethernet technologies.</li>
</ul>
1184Securing IoT Products from Unique Threatshttps://www.mouser.com/blog/securing-iot-products-from-unique-threatsAll,Computing,IoT,SecurityMon, 18 Feb 2019 19:41:23 GMT<p><img alt="" src="/blog/Portals/11/Bhattacharjee_Securing%20IoT%20products%20from%20Unique%20Threats_Theme%20Image.jpg" style="margin-left: 10px; margin-right: 10px; float: left; width: 250px; height: 141px;" title="" /></p>
<p>In a recent security conference, a white-hat hacker maliciously injected an 830V shock in a pacemaker, simply by using a laptop at a distance of up to 15.24m. Needless to say that the &ldquo;real-world impact&rdquo; of such an attack could be deadly. There are claims that hackers can easily scale such attacks to multiply the fatal impact on patients with pacemakers. The latest generation of pacemakers is essentially made up of network-connected implantable Internet of Things (IoT) devices. Regardless of the industry, security vulnerabilities in any IoT device pose serious concerns.</p>
<p>Network connectivity exposes IoT products to new attack vectors. The infamous Distributed Denial-of-Services (DDoS) attack on Dyn Domain Name System (DNS) servers in 2016 showed how attackers could weaponize unsecured IoT devices as IoT botnets. The cyber-physical characteristics of connected &ldquo;things&rdquo; further raise the threshold for securing them.</p>
<div>
<h2>Why is security so critical for cyber-physical systems?</h2>
</div>
<p>A Cyber-Physical System (CPS) refers to any network-connected product that interacts directly with the physical environment. Examples of cyber-physical systems include:<br />
&nbsp;</p>
<ul>
<li>Connected wearables (e.g., fitness monitors)</li>
<li>Implantable devices (e.g., pacemakers)</li>
<li>Autonomous vehicles</li>
<li>Industrial robots</li>
<li>Gas turbines<br />
&nbsp;</li>
</ul>
<p>Cyber-connectivity to a private or public network expands their attack surface. An attacker can connect remotely and exploit a vulnerability in a CPS, and use it as a tool to inflict significant physical damages. In 2010, the infamous Stuxnet worm infected the industrial control systems and manipulated the relay of sensor feedback to the controllers, which ultimately damaged 984 uranium-enriching centrifuges in the Iranian nuclear plants. Thus, a security breach for CPS is not just about the loss of data or reputation; it also implies environmental damages, loss of lives, and as such involves moral, legal, and ethical consequences.</p>
<div>
<h2>Unique challenges of securing IoT products</h2>
</div>
<p>Designers can easily pinpoint the large differential in threat models between any traditional standalone systems versus an IoT product. An IoT product invariably operates as a part of a connected ecosystem, or even a &ldquo;system-of-systems&rdquo; as in the case of smart power generation utilities, which makes their security posture uniquely challenging.</p>
<p>In addition to inherent security vulnerabilities in native hardware and software in IoT endpoints, we must factor in the vulnerabilities induced by their operation environment, network connectivity, and interoperability with third-party platforms and systems.</p>
<h3>Operational Environment</h3>
<p>Unlike traditional PCs, an IoT product converges computing with domain-specific operations. An industrial robot, for example, performs domain-specific functions in an industrial setting in addition to embedded computation and storage functions.</p>
<p>The environment where IoT products operate enforces certain unique security challenges:<br />
&nbsp;</p>
<ul>
<li><strong>Divergent security priorities</strong>: IT security practices focus on data confidentiality, integrity, and system availability. In an operational environment; however, protection of the place, people, and processes takes precedence. Thus, standard IT security practices when applied to IoT must preserve if not enhance their safety and reliability requirements.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li value="2"><strong>Inadequate cybersecurity proficiency</strong>: In September 2017, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) flagged multiple security gaps in the syringe infusion pumps used in US hospitals. The majority of those were related to the use of hard-coded or factory-default security credentials. Users and operations staff are not always cybersecurity experts, and hence are unable to detect and protect against these flaws.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li value="3"><strong>Timely patching:</strong> Software and firmware updates are provided to resolve security bugs. In industrial settings; however, regular patching is not the norm. Besides, in many instances, the firmware upgrade may require decommissioning the IoT product temporarily.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li value="4"><strong>System limitations:</strong> Many IoT products such as sensors and actuators have low memory and CPU footprint, which limits their embedded security capabilities.</li>
</ul>
<p>&nbsp;</p>
<h3>Network Connectivity</h3>
<p>Connectivity exposes otherwise &ldquo;safe&rdquo; products to the fallout of cyber intrusion. In 2014, Charlie Miller and Chris Valasek remotely brought a connected vehicle running at full speed on the highway to a complete halt by exploiting its software flaws. To read their full report, see their article titled <em>Remote Exploitation of an Unaltered Passenger Vehicle</em>.</p>
<p>Information security design has mostly relied on perimeter protection using firewalls and zoning. The increasing use of radio technology and wireless in IoT products renders them easy targets for remote attacks. Unencrypted data communications are also a leading cause of IoT compromises.</p>
<h3>Third-party Interoperability</h3>
<p>Any IoT solution involves multiple service providers of technologies, configurations, and protocols. This leads to more complexity, uneven security compliance, and increases in the attack surface. Subscription-based models increase the dependency on third-party providers for device provisioning, management, and operations, which exposes new attack vectors.</p>
<div>
<h2>A 4-tier approach to secure IoT products</h2>
</div>
<p>IoT security needs to go above and beyond traditional cybersecurity measures to overcome these challenges. A full-stack approach to IoT security encompassing edge-to-cloud workflows is essential. A 4-tier security model for an IoT system design can mitigate the unique risks.&nbsp;</p>
<h3>Reliable endpoint design</h3>
<p>Due to their direct interaction with the physical environment, a tamper-proof design is highly desirable. Suitable credentials such as non-default username/password or Public Key Infrastructure (PKI) certificates can limit unauthorized device access and operations. A few other security design measures to consider:<br />
&nbsp;</p>
<ul>
<li>Trusted Platform Module (TPM) based root-of-trust</li>
<li>Initialization and boot process integrity</li>
<li>Provision for secure firmware and software updates</li>
<li>Integrity of stored and in-transit data<br />
&nbsp;</li>
</ul>
<p>Selection of secured Real Time Operating System (RTOS) and fault isolation with containerization can secure the endpoint during runtime.&nbsp;</p>
<h3>Secure network access</h3>
<p>Due to the unique challenges of IoT operations, design thinking needs to envision and deeply analyze the use case scenarios regarding:<br />
&nbsp;</p>
<ul>
<li>Access methodologies</li>
<li>Product usage</li>
<li>Data communications</li>
<li>Corner cases<br />
&nbsp;</li>
</ul>
<p>This directly leads to developing threat models for network connectivity and gives us a sense of how to:<br />
&nbsp;</p>
<ul>
<li>Secure the access ports</li>
<li>Encrypt data during storge and transport</li>
<li>Use tunnels</li>
<li>Secure the protocol</li>
<li>Enforce deep-packet inspection in the network perimeters<br />
&nbsp;</li>
</ul>
<p>Wireless and RF are predominant choices for IoT connectivity and are typically more vulnerable. However, you can mitigate the connectivity risks by:<br />
&nbsp;</p>
<ul>
<li>Enforcing network access credentials through access and identity control</li>
<li>Enabling the built-in security capabilities of common IoT protocols such as:
<ul>
<li>Message Queue Telemetry Transport (MQTT)</li>
<li>Constrained Application Protocol (CoAP)</li>
<li>Zigbee&reg;</li>
<li>Transmission Control Protocol/Internet Protocol (TCP/IP)<br />
&nbsp;</li>
</ul>
</li>
</ul>
<h3>Compliance-based design</h3>
<p>Although compliance doesn&rsquo;t equate to security, compliant design can minimize vulnerabilities. Unlike information security, IoT security involves safety, reliability and resilience, in addition to data integrity, privacy and availability. In other words, if a breach happens, the system must be designed to carefully transition to a stable failure state with minimal impact on its surroundings. In the case of an autonomous vehicle at full-speed, a failure should carefully bring it to a halt. That is why in addition to cybersecurity standards&mdash;Federal Information Processing Standards (FIPS), ISO 27001, National Institute of Standards and Technology (NIST) SP 800, etc.&mdash;system design needs to interweave compliance with industry-specific regulations&mdash;e.g., Health Insurance Portability and Accountability (HIPAA), Department of Transportation (DOT).</p>
<h3>Cloud and Applications Security</h3>
<p>Cloud-based provisioning, device management, as well as data and application hosting are central to any IoT product deployment. Many IoT products run on Software as a Service (SaaS), where a third party hosts the software layer. Although system designers might or might not have direct control over the security implementation in cloud-based services, it is still essential to architect the deployment based on certain cloud security standards and best practices, which are clearly enumerated in the product documentation.</p>
<div>
<h2>Conclusion</h2>
</div>
<p>Connected products are the future of our industries. In an ever-evolving threat landscape, the cyber-physical characteristics of IoT add to the security challenges. Once you identify the challenges, the 4-tier approach discussed in this blog provides a methodical approach to mitigate the risks.</p>
<h3>Key Points:</h3>
<ul>
<li>IoT security is not just about the loss of data or reputation, it also implies environmental damages, loss of lives, and involves moral, legal, and ethical consequences.</li>
<li>An IoT product operates as a part of a connected ecosystem, which makes their security posture uniquely challenging.</li>
<li>A 4-tier security model for IoT system design to mitigate threats involves reliable endpoint design, secure network access, compliance-based design, and cloud and application security.</li>
</ul>
1152